Newbie question



  • Hi, I have read all the stickies and can not find the answer to my question.
    I have a core router with many many remote access points connected to it. Up to now we had a Netequalizer connected between the core router and the access points.
    Question is, can we put the PFsense firewall in the same position as the Netequalizer was, acting as a transparent firewall, limiting the amount of open connections each user can open while distributing the bandwidth as equal as possible during our peak times?



  • yes, with the traffic shaper you can limit users bandwidth



  • But will it do it automatically or do you have to enter in every single ip of each of the machines on the network?

    Also I have set up pfsense tonight and turned it into a transparent bridge. I can not get any traffic to move accross it.
    Is there some default firewall rules I need? Have'nt messed much with the firewall.



  • You can set a rule to catch all the clients.

    Under Advanced Options in the rule, you can limit:

    • Maximum number of established connections per host

    • Maximum state entries per host

    • Maximum new connections / per second(s)



  • @dreamslacker:

    You can set a rule to catch all the clients.

    Under Advanced Options in the rule, you can limit:

    • Maximum number of established connections per host

    • Maximum state entries per host

    • Maximum new connections / per second(s)

    When you say all the clients, we dont have to add them individually do we? We have over 2500 clients on the LAN side of the PFsense.
    I would like to limit each customer to 60 open connections, 30 up and 30 down automatically. Can this be done? If so can you point me to how its done?

    Thanks



  • @Premier:

    @dreamslacker:

    You can set a rule to catch all the clients.

    Under Advanced Options in the rule, you can limit:

    • Maximum number of established connections per host

    • Maximum state entries per host

    • Maximum new connections / per second(s)

    When you say all the clients, we dont have to add them individually do we? We have over 2500 clients on the LAN side of the PFsense.
    I would like to limit each customer to 60 open connections, 30 up and 30 down automatically. Can this be done? If so can you point me to how its done?

    Thanks

    That will fall under:  Maximum number of established connections per host

    Just create a rule that catches all traffic from LAN then set the limits per host.  Of course, if you need to shape more then there's much more tweaking to be done.



  • Any chance of a link to some kind of tutorial as to how that is done?
    Also I have my WAN and LAN bridged but I can not pass traffic through it. Im sure I am missing rules in the firewall but dont have a clue what to put in there.



  • @dreamslacker:

    That will fall under:  Maximum number of established connections per host

    Just create a rule that catches all traffic from LAN then set the limits per host.  Of course, if you need to shape more then there's much more tweaking to be done.

    What is the recommended setting for this? I set it to 60 on both the WAN and the LAN side and after a few mins my connection just came to a crawl. I had to disable it to get back online.


Log in to reply